We first create a socket object with the AF_INET and SOCK_STREAM
parameters. The AF_INET parameter indicates we’ll use a standard IPv4
address or hostname, and SOCK_STREAM indicates that this will be a TCP
client. We then connect the client to the server and send it some data as
bytes. The last step is to receive some data back and print out the response
and then close the socket. This is the simplest form of a TCP client, but it’s
the one you’ll write most often.

This code snippet makes some serious assumptions about sockets that
you definitely want to be aware of. The first assumption is that our
connection will always succeed, and the second is that the server expects us
to send data first (some servers expect to send data to you first and await
your response). Our third assumption is that the server will always return
data to us in a timely fashion. We make these assumptions largely for
simplicity’s sake. While programmers have varied opinions about how to deal
with blocking sockets, exception-handling in sockets, and the like, it’s
quite rare for pentesters to build these niceties into their quick-and-dirty
tools for recon or exploitation work, so we’ll omit them in this chapter.

In [15]:
import socket

target_host = "www.google.com"
target_port = 80
# create a socket object
# The AF_INET parameter indicates we’ll use a standard IPv4 address
# or hostname, and SOCK_STREAM indicates that this will be a TCP client.
client = socket.socket(socket.AF_INET, socket.SOCK_STREAM)

In [16]:
# connect the client
client.connect((target_host, target_port))

In [18]:
# send some data
client.send(b"GET / HTTP/1.1\r\nHost: www.google.com\r\n\r\n")
# receive some data
response = client.recv(4096)
print(response.decode())
client.close()

HTTP/1.1 200 OK
Date: Tue, 09 Jul 2024 18:37:09 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=ISO-8859-1
Content-Security-Policy-Report-Only: object-src 'none';base-uri 'self';script-src 'nonce-sJjJCntxavw4QbYyagVmPw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp
P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
Server: gws
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: AEC=AVYB7cppIrxacBwVPy7sfoqdXkVft-QSPWlKhbVI3EC1fQ9H2R0c06Vrlg; expires=Sun, 05-Jan-2025 18:37:09 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
Set-Cookie: NID=515=YB3wTjCTzhh90I2dNrikC7VgzbG5673lXrwr1tXm5Ypfg8ca6a1wNqj4fRV16EAsDwK7pFDmgSLxbmGJgdoJIRua4tbR1ePXK9QyIPNjDgiFkDq1_VWR-f58wheuI6Z3u6H3ZW3c-7ZphbqVj-wZzP2dFrJ4He5UDA6VrTgbhnM; expires=Wed, 08-Jan-2025 18:37:09 GMT; path=/; domain=.google.com; HttpOnly
Accept-Ranges: none
Vary: Accept-Encoding
T
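
The three assumptions named above (the connection always succeeds, the client sends first, the server answers promptly) can each be handled in a few lines. The following is an added example, not code from the original text; `tcp_request`, `start_demo_server` and the loopback echo server are names and test fixtures constructed here for illustration.

```python
import socket
import threading

def tcp_request(host, port, payload, timeout=3.0, server_speaks_first=False):
    """Return (status, data); status is 'ok', 'connect_failed', 'timeout' or 'io_error'."""
    try:
        # Assumption 1: the connection may be refused, unreachable or slow.
        client = socket.create_connection((host, port), timeout=timeout)
    except OSError as exc:
        return "connect_failed", str(exc).encode()
    chunks = []
    with client:
        try:
            if server_speaks_first:
                # Assumption 2: some servers send a banner before reading anything.
                chunks.append(client.recv(4096))
            client.sendall(payload)  # sendall() loops until every byte is written
            while True:
                # Assumption 3: recv() raises after `timeout` seconds of silence.
                data = client.recv(4096)
                if not data:  # empty read: the peer closed the connection
                    break
                chunks.append(data)
        except socket.timeout:
            return "timeout", b"".join(chunks)  # keep whatever arrived so far
        except OSError:
            return "io_error", b"".join(chunks)  # e.g. connection reset mid-read
    return "ok", b"".join(chunks)

def start_demo_server(banner=b""):
    """Constructed loopback server: optional banner, echo one message, close."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))  # port 0 lets the OS pick a free port
    srv.listen(1)
    port = srv.getsockname()[1]

    def serve():
        conn, _ = srv.accept()
        with conn, srv:
            if banner:
                conn.sendall(banner)
            conn.sendall(b"ECHO " + conn.recv(4096))

    threading.Thread(target=serve, daemon=True).start()
    return port

if __name__ == "__main__":
    port = start_demo_server(banner=b"220 demo ready\r\n")
    print(tcp_request("127.0.0.1", port, b"hello", server_speaks_first=True))
```

Against a keep-alive HTTP/1.1 server the connection stays open after the response, so the read loop ends with status `timeout` and the data received up to that point.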